GHSA-F3Q6-69F3-VWCH FastChat has a Content Moderation Bypass via Arena Side-by-Side Views

A vulnerability was detected in lm-sys fastchat up to 0.2.36. Impacted is the function addtext of the component Arena Side-by-Side View Handler. The manipulation results in incorrect control flow. The attack can be launched remotely. The exploit is now public and may be used. The root cause was...

CVE-2026-27950

CVE-2026-27950 affects FreeRDP prior to 3.23.0, where the heap-use-after-free described in the advisory is incompletely fixed in the SDL2 path (SDL3 path fix present). The SDL2 code path does not nulled the pointer after free, leaving a vulnerable execution flow in some builds/environments. A com...

SUSE-SU-2026:20154-1 Security update for python313

This update for python313 fixes the following issues: - Update to 3.13.11: - Security - CVE-2025-12084: cpython: Fixed quadratic algorithm in xml.dom.minidom leading to denial of service bsc1254997 - CVE-2025-13836: Fixed default Content-Lenght read amount from HTTP response bsc1254400 -...

EUVD-2023-12808

Malicious code in bioql PyPI...

EUVD-2023-12807

Malicious code in bioql PyPI...

EUVD-2022-24402

Malicious code in bioql PyPI...

CLSA-2025-1758300791 glibc: Fix of CVE-2019-9169

Fix spec-file for CVE-2019-9169...

UBUNTU-CVE-2022-49064

In the Linux kernel, the following vulnerability has been resolved: cachefiles: unmark inode in use in error path Unmark inode in use if error encountered. If the in-use flag leakage occurs in cachefilesopenfile, Cachefiles will complain "Inode already in use" when later another cookie with the...

SUSE-SU-2025:20056-1 Security update for docker

This update for docker fixes the following issues: Security fixes: - CVE-2024-23651: Fixed arbitrary files write due to race condition on mounts bsc1219267 - CVE-2024-23652: Fixed insufficient validation of parent directory on mount bsc1219268 - CVE-2024-23653: Fixed insufficient validation on...

Security update for etcd

This update for etcd fixes the following issues: Update to version 3.5.12: Security fixes: CVE-2018-16873: Fixed remote command execution in cmd/go bsc1118897 CVE-2018-16874: Fixed directory traversal in cmd/go bsc1118898 CVE-2018-16875: Fixed CPU denial of service in crypto/x509 bsc1118899...

Description of the security update for SharePoint Server 2019: April 9, 2024 (KB5002580)

Description of the security update for SharePoint Server 2019: April 9, 2024 KB5002580 Summary This security update resolves a Microsoft SharePoint Server spoofing vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2024-26251. Notes: This ...

CVE-2023-0799

LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3701, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e...

CVE-2023-0802

LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3724, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127...

CVE-2023-0795

LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3488, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e...

CVE-2022-3626

LibTIFF 4.4.0 has an out-of-bounds write in TIFFmemset in libtiff/tifunix.c:340 when called from processCropSelections, tools/tiffcrop.c:7619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit...

CVE-2022-3597

LibTIFF 4.4.0 has an out-of-bounds write in TIFFmemcpy in libtiff/tifunix.c:346 when called from extractImageSection, tools/tiffcrop.c:6826, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit...

Important: Red Hat Security Advisory: libsndfile security update

An update for libsndfile is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

Denial Of Service (DoS)

Exiv2 is vulnerable to denial of service. A null pointer dereference was found in Exiv2 versions v0.27.4 and earlier. The null pointer dereference is triggered when Exiv2 is used to print the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a deni...

OPENSUSE-SU-2021:1079-1 Security update for go1.15

This update for go1.15 fixes the following issues: - go1.15.14 released 2021-07-12 includes a security fix to the crypto/tls package, as well as bug fixes to the linker, and the net package. CVE-2021-34558 Refs bsc1175132 go1.15 release tracking bsc1188229 go47143 CVE-2021-34558 go47144 security:...

openSUSE Security Update : python3 (openSUSE-2020-2333)

This update for python3 fixes the following issues : - Fixed CVE-2020-27619 bsc1178009, where Lib/test/multibytecodecsupport calls eval on content retrieved via HTTP. - Change setuptools and pip version numbers according to new wheels - Handful of changes to make python36 compatible with SLE15 an...